CRXaminer

[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Starting analysis...

Last scanned: 12 days ago | force re-scan

Extension Details

Context-Aware Verdict

CRITICAL

Overall Risk

Trust Factors: The extension lacks basic identifying information including name, description, author, and user statistics, which are significant red flags. Without download counts, ratings, or developer information, it's impossible to assess the extension's legitimacy or reputation. The absence of these fundamental details suggests either a malicious extension or one that hasn't been properly vetted.

Concerns:

- Missing critical metadata (name, description, author) indicates potential malicious intent

- Excessive permissions for an unknown extension with tabs and webRequest capabilities

- Broad host permissions across all HTTP/HTTPS sites enable comprehensive data harvesting

- Content scripts running on all websites can inject malicious code

- Combination of webRequest and tabs permissions allows complete traffic interception and manipulation

- No visible legitimate use case to justify such extensive permissions

- Storage permission enables persistent data collection

Recommendations:

Do not install this extension under any circumstances. The combination of missing identification information and dangerous permissions creates an extremely high-risk scenario. If already installed, remove immediately and scan your system for malware. If you must test suspicious extensions, use a completely isolated Chrome profile with no personal data, preferably on a virtual machine. Consider reporting this extension to Chrome Web Store security team if encountered in the wild. Always verify extension authenticity through official sources before installation.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequest

This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

Security Analysis Details

Required Permissions:

contextMenus
tabs
storage
webRequest

Host Permissions:

http://*/*
https://*/*

Embedded URLs (14 total):

http://127.0.0.1:8890/isw/	http://www.w3.org/2000/svg
https://tailwindcss.com	https://info.miyabull.jp/alertcategory/#
http://172.0.0.1	https://chromewebstore.google.com/detail/%E3%81%BF%E3%82%84%E3%83%96%E3%83%AB/kficigjagekfcihnhfbnaehhgcjnmgak
https://chromewebstore.google.com/detail/%E8%A9%90%E6%AC%BA%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB%EF%BC%88pc%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%EF%BC%89/oocghepchalcpemkmfjdinkemobfebep	https://microsoftedge.microsoft.com/addons/detail/%E8%A9%90%E6%AC%BA%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB-internet-sagiwal/leefgnnoepmpcjhlhbfjfalnodafmpoo
https://microsoftedge.microsoft.com/addons/detail/%E8%A9%90%E6%AC%BA%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB%EF%BC%88pc%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%EF%BC%89/glmankhbocechieclchfhbmpjhhpemcj	https://addons.mozilla.org/ja/firefox/addon/internet-sagiwall/
https://miyabull.jp/isw_20/support/	https://pc-security.mb.softbank.jp/support/isw-extension/
https://clients2.google.com/service/update2/crx	https://miyabull.jp/

Raw Manifest

{
  "name": "みやブル",
  "icons": {
    "16": "img/icon16.png",
    "48": "img/icon48.png",
    "128": "img/icon128.png"
  },
  "action": {
    "default_icon": {
      "19": "img/icon19.png",
      "38": "img/icon_38x38green.png"
    },
    "default_title": "みやブル for Chrome extension"
  },
  "author": "Copyright (C) BBSS Corporation. All rights reserved.",
  "version": "5.0.1",
  "incognito": "split",
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "みやブル for Chrome extension",
  "permissions": [
    "contextMenus",
    "tabs",
    "storage",
    "webRequest"
  ],
  "homepage_url": "https://miyabull.jp/",
  "content_scripts": [
    {
      "js": [
        "extensionDef.js",
        "extensionIndividualDef.js",
        "extensionCommon.js",
        "appHost.js",
        "documentStart.js"
      ],
      "run_at": "document_start",
      "matches": [
        "http://*/*",
        "https://*/*"
      ]
    },
    {
      "js": [
        "documentIdle.js"
      ],
      "run_at": "document_idle",
      "matches": [
        "http://*/*",
        "https://*/*"
      ]
    }
  ],
  "host_permissions": [
    "http://*/*",
    "https://*/*"
  ],
  "manifest_version": 3
}

by ✦ Astarte

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (14 total):

Raw Manifest

Detections

Manifest Findings